Wireless Sensor Networks (WSNs) typically include spatially distributed autonomous sensors to cooperatively monitor physical or environmental conditions. A node in the WSN may include one or more sensors, a wireless communication device (e.g., a radio transceiver), a small processor (e.g., a microcontroller), and an energy source (e.g., a battery).
WSNs have wide application in various monitoring systems. For example, WSNs have enormous critical applications in systems including, but not limited to, military surveillance and reconnaissance to keep track of the enemy, health monitoring, smart homes, and disaster area monitoring.
Nodes in the WSNs communicate over radio transmissions and a transmitter can send a message to all its receivers in a single radio transmission. However, this increases the vulnerability in communication to various security challenges such as Denial of Service (DoS) attacks.
There are several types of DoS attacks, among which, jamming attacks have become the most significant threats to WSNs because of their effectiveness and lethal damage against WSNs. The main objective of a jamming attack is to effectively jam the communication within a WSN without being discovered and located. In a jamming attack, malice via a jammer node disseminates out adversarial signals into busy channels that are filled with legitimate sensor transmissions without following any legitimate protocols. This will result in the slump of the Signal to Noise Ratio (SNR) and network throughput. The jammer node disrupts the message delivery of its neighboring sensor nodes with interference signals. Because the jammers do not need to explore the internal information of the network components, this light weight attack is easy to launch and favored by attackers.
In the realm of jamming attacks, reactive jamming poses the maximum threat while requiring the lowest attacker energy against WSNs. Therefore, the reactive jamming attack has emerged as the attack of choice for disrupting WSNs due to its efficient attack strategy and the level of difficulty required to discover such an attack is taking place. In a reactive jamming attack, a malicious node (jammer) quietly scans all the available channels to sense any activity and blatantly starts injecting an adversarial signal on that channel. The jammer node stays quiet until a legitimate transmission—even a single bit—is sensed over the channel.
Protection against reactive jamming attacks can include detecting the jamming (signal) and mitigating the effects of the jamming. Detection of interference signals from jammer nodes is non-trivial due to the need for discrimination between normal noises and adversarial signals over unstable wireless channels. Numerous attempts to detect interference signals from jammer nodes include schemes for monitoring critical communication related objects, such as Receiver Signal Strength (RSS), Carrier Sensing Time (CST), and Packet Delivery Ratio (PDR), and then comparing the results with specific thresholds, which are established from basic statistical methods and multi-modal strategies. By such schemes, jamming signals could be discovered.
However, real-world application of using these signals to locate and catch the jammer nodes is complicated and has not been settled. Furthermore, reactive jamming attacks, where the jammer nodes are not continuously active and thus do not necessarily cause large deviations of the variables monitored from normal legitimate profiles (in order to compare with specific thresholds), cannot be efficiently tackled by these methods. Therefore, many existing countermeasures focus on mitigation of the jamming attacks.
Two strategies have been adopted at sensor nodes to escape from the detected interferences, namely, channel surfing and spatial retreats. Channel surfing employs frequency hopping (FH) techniques at both communication ends. A purpose of the FH techniques is to cause the jammer nodes to become unable to find the current channel that is used for the communication, so that the attack efficiency of the jammer nodes is greatly decreased. Spatial retreating strategies require sensor nodes to retreat from the possible jammed areas such that no sensor nodes will be affected by the jamming signals. However, owing to the limited power and spectral diversity of wireless sensors, these mitigation schemes are inefficient due to their considerable computation and communication overheads. In addition, lack of pre-knowledge over possible positions of hidden reactive jammer nodes makes it difficult for legitimate nodes, when using these mitigation schemes, to efficiently evade jamming signals, especially in dense sensor networks where multiple mobile nodes can easily activate reactive jammer nodes and cause the interference.
Unfortunately, jamming attacks in WSNs are evolving at a higher rate than their available preventive countermeasures.
Existing countermeasures against reactive jamming attacks can be broadly classified into: 1) physical layer approaches, 2) medium access control (MAC) layer approaches, and 3) network layer approaches.
The physical layer approaches generally use FH (such as FH spread spectrum), Direct-Sequence Spread Spectrum (DSSS), and Code Division Multiple Access (CDMA), which tend to require a high computational cost and complexity.
The MAC layer approaches are either inherently based on FH or on repositioning the sensor nodes, which may result in network partitioning and bring in high computation overhead. Network isolation is also a concern where portions of the network become isolated from each other.
The network layer approaches quarantine possible jammed areas and re-route all the messages that originally pass the jammed areas. However, the network layer approach can create unnecessarily big jammed region and result in isolated networks. This tends to occur because many nodes in the exaggeratedly large jammed region may still be able to transmit without activating the jammers, yet they are isolated and the message delivery is interrupted. Additionally, the message overhead is relatively high during its mapping processing.
Accordingly, there continues to be a need in the art for effective and efficient schemes for protecting WSNs against reactive attacks.